CVE-2013-5065

CVE Database · CVE-2013-5065

CVE-2013-5065

· HIGHAnalyzed

CVSS v3.1

7.8

EPSS

34.89%

Published

Nov 27, 2013

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2022-03-03 · Due: 2022-03-24

Apply updates per vendor instructions.

Public PoC / Exploit (5)

All weaponized →

Exploit-DBMicrosoft Windows - 'NDPROXY' SYSTEM Privilege Escalation (MS14-002)Exploit-DBMicrosoft Windows - 'ndproxy.sys' Local Privilege Escalation (Metasploit)Exploit-DBMicrosoft Windows XP SP3 (x86) / 2003 SP2 (x86) - 'NDProxy' Local Privilege Escalation (MS14-002)TrickestTrickest PoC index GitHub PoCFriarfukd/RobbinHood★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products (3)

microsoft · windows_2003_servervulnerable

microsoft · windows_xpvulnerable

References (9)

http://technet.microsoft.com/security/advisory/2914486

PatchVendor Advisory

http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/ms-windows-local-privilege-escalation-zero-day-in-the-wild.html

Broken LinkNot Applicable

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-002

PatchVendor Advisory

https://www.exploit-db.com/exploits/37732/

ExploitThird Party AdvisoryVDB Entry

http://technet.microsoft.com/security/advisory/2914486

Patch

KEV Catalog EPSS Scores Vendors All CVEs